Researchers unveil LLM tool to find Python zero-days
Briefly

"The tool does not simply paste some code from the project and ask for analysis," explained Dan McInerney. "It automatically finds project files that are likely to handle remote user input, Claude analyzes that for potential vulnerabilities..."
"In this loop it intelligently requests functions/classes/variables from elsewhere in the code continually until it completes the entire call chain from user input to server output without blowing up its context window... the advantage...is a massive reduction in false positives/negatives since it can read the entire call chain..."
Read at Theregister
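The context-gathering loop described in the quotes can be sketched as follows. This is an added example, not code from the tool or its authors: static `ast` call extraction stands in for the model's requests for more code, a character budget stands in for the context window, and the function names and sample project are constructed for illustration.

```python
import ast

# Constructed sample project (file name -> source); not from any real code base.
PROJECT = {
    "routes.py": "def download(request):\n    name = request.args['file']\n    return send(resolve(name))\n",
    "storage.py": "def resolve(name):\n    return os.path.join('/srv/files', normalize(name))\n"
                  "def normalize(name):\n    return name.strip()\n"
                  "def unrelated():\n    return 1\n",
    "http.py": "def send(path):\n    return open(path, 'rb').read()\n",
}

def index_functions(project):
    """Map each function name to (file, source text of its definition)."""
    index = {}
    for fname, src in project.items():
        for node in ast.walk(ast.parse(src)):
            if isinstance(node, ast.FunctionDef):
                index[node.name] = (fname, ast.get_source_segment(src, node))
    return index

def called_names(func_src):
    """Names called as plain functions inside one definition."""
    return {n.func.id for n in ast.walk(ast.parse(func_src))
            if isinstance(n, ast.Call) and isinstance(n.func, ast.Name)}

def gather_call_chain(project, entry, max_chars=4000):
    """Fetch definitions on demand, starting at `entry`, until every callee is
    resolved or the character budget (assumed stand-in for a context window) is hit."""
    index, context, pending, used = index_functions(project), {}, [entry], 0
    unresolved = set()
    while pending:
        name = pending.pop(0)
        if name in context:
            continue
        if name not in index:
            unresolved.add(name)  # builtin or external symbol: nothing to fetch
            continue
        fname, src = index[name]
        if used + len(src) > max_chars:
            return context, unresolved, False  # budget exhausted, chain incomplete
        context[name] = fname
        used += len(src)
        pending.extend(sorted(called_names(src)))
    return context, unresolved, True
```

Only the definitions reachable from the entry point end up in the gathered context; `unrelated` is never fetched, which is what keeps the analysis input small.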